Back to search
CVE-2007-5080
Published: Oct 31, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://service.real.com/realplayer/security/10252007_player/en/
x_refsource_CONFIRM
realplayer-mp3-bo(37434)
vdb-entry
x_refsource_XF
1018866
vdb-entry
x_refsource_SECTRACK
20071030 RealPlayer Updates of October 25, 2007
mailing-list
x_refsource_VIM
ADV-2007-3628
vdb-entry
x_refsource_VUPEN
VU#759385
third-party-advisory
x_refsource_CERT-VN
27361
third-party-advisory
x_refsource_SECUNIA
26214
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now